Sunday, January 11, 2009

Business needs to create mailbox called helpdesk to keep track of new helpdesk e-mail. The helpdesk consist of several team members and they all need to monitor helpdesk mail box and also send mail as helpdesk mailbox while the members logged into their own workstation.

Tier1@telnet25.org (mail enabled Universal Distribution Group) the reason why we are creating DL is to make all helpdesk team members to make a member of this DL called Tier1. This will give us ability to assign proper right to the Group and simply manage the rest of the operations by adding users in it.

This also adds send as rights on the Helpdesk mailbox for Tier 1 Group. Initially if you go to exchange server and open EMC, find the Helpdesk mail enables user account, right click, pick send as permissions and assign it to Tier1 Group, you will notice the AD object will get the same effects and send as right will be give to Tier1 group on Helpdesk object. Below command achieves same results from EMS.

Make sure you have already created helpdesk mail box as well as mail enabled group called Tier1 (Change the names as you wish). Also make sure you have added appropriate members into Tier1 mail enabled group.

Open EMS

Type or copy & paste below command.

As you can see after this command is issues, members of Tier1 Group will be able to bring helpdesk mailbox as additional mailbox on to their outlook shown below.

Add-MailboxPermission helpdesk -AccessRights FullAccess -User Tier1

Adding Mailbox Permission, we mailbox called Helpdesk and Mail Enabled Universal Security Group called Tier1. The command below will add Full access rights to Helpdesk for Tier1 Mail Enabled Universal Security Group.

Note: If your account is member of Tier1 Group you will be able to log in to outlook as yourself and by going properties of your mailbox (where your name appears within the outlook) and add Helpdesk mailbox as second mailbox to your own, so that you can monitor it.

This is also useful to troubleshoot a user problem, assign the rights to yourself and Plug the trouble mailbox to your own and when you are done remove the rights.

Properties

Advance

Advance

Click Add

Type the name of the mailbox (Helpdesk)

Click Ok two times to get out

Remember this does not grand the Tier1 Group send as helpdesk mailbox and most likely the person who monitors this mailbox will need ability to "send as" Helpdesk while they logged in as themselves. If you try to send mail as if coming from helpdesk you will receive

"You don't have the permission to send the message on behalf of the specific user"

Step 2:AD Send as Permission ON AD object as well as Mailbox itself

Add-ADPermission helpdesk -ExtendedRights send-as -user tier1

Remove AD Send as permission.

Remove-ADPermission helpdesk -ExtendedRights receive-as -user tier1

Note: This command will modify AD Object permissions for helpdesk mailbox as well as Exchange mailbox rights as it is shown below windows.

To see AD rights from command line

Get-ADPermission HelpDesk fl

Step 3

Easiest way is to login to any workstation as Helpdesk. Configure Outlook mapi profile for HelpDesk.

Within the outlook

Tools

Options

Delegates

Click Add

Add Tier1 Group and give Proper permissions

Note:

Note: remember we are assigning Send behalf rights to a mail enabled Group in this example

Use following cmdlet to assign Send behalf rights to a mail enabled Group